示例#1
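        /// <summary>
        /// Builds a secure URL from a request URL that already carries its query string. The URL is split
        /// into the page address and its parameters, and both are forwarded to the dictionary-based
        /// <c>GetSecureUrl</c> overload, which does the actual signing and encryption.
        /// </summary>
        /// <param name="requestUrlWithParameters">Page address to request, including its parameters. <c>null</c> is treated as an empty string.</param>
        /// <param name="signatureExt">Forwarded unchanged to the overload. <c>GetSecureParameters</c> appends this value to the parameter string before hashing, so it presumably acts as the shared signing secret (confirm against the overload).</param>
        /// <param name="encryptPassword">AES key made of 16 letters or digits; per the original documentation, parameters are not encrypted when it is null or empty.</param>
        /// <param name="signatureValue">Signature string (output), as produced by the overload.</param>
        /// <param name="timestampValue">Timestamp (output), as produced by the overload.</param>
        /// <returns>The URL with secured parameters.</returns>
        public static string GetSecureUrl(string requestUrlWithParameters, string signatureExt, string encryptPassword, out string signatureValue, out DateTime timestampValue)
        {
            string url = requestUrlWithParameters ?? string.Empty;

            // Split at the first '?' only. A '?' is legal inside a query string, and an unbounded split
            // would silently drop everything after a second '?', so those parameters would never be
            // signed or encrypted.
            string[] query = url.Split(new char[] { '?' }, 2);

            // Stays null when the URL has no query part; the overload receives null in that case.
            Dictionary<string, string> parameters = null;
            if (query.Length > 1)
            {
                parameters = WebUrlHelper.ParseQueryString(query[1]).ToDictionary();
            }

            return GetSecureUrl(query[0], parameters, signatureExt, encryptPassword, out signatureValue, out timestampValue);
        }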
示例#2
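        /// <summary>
        /// Extracts the parameters from a secure URL: decrypts the encrypted parameter when present,
        /// checks the timestamp against the allowed window and verifies the MD5 signature.
        /// </summary>
        /// <param name="secureUrl">Secure URL, or only its query-string part. Treat as untrusted input.</param>
        /// <param name="signatureExt">Value appended to the sorted parameter string before hashing; presumably the shared signing secret.</param>
        /// <param name="encryptPassword">AES decryption key made of 16 letters or digits.</param>
        /// <param name="expireSeconds">Maximum allowed distance, in seconds and in either direction, between the timestamp and the local clock.</param>
        /// <param name="errorCode">0 = success, 1 = invalid URL, 2 = key is empty, 3 = decryption failed, 4 = timestamp expired or out of range, 5 = signature invalid.</param>
        /// <returns>The parameters, or <c>null</c> whenever <paramref name="errorCode"/> is non-zero.</returns>
        /// <remarks>
        /// NOTE(review): a request that carries no signature parameter, or no timestamp parameter, is
        /// accepted with errorCode 0, and a query string without the encrypted parameter is parsed as
        /// plain text. Callers that need integrity or freshness cannot see from the result whether those
        /// checks ran; consider making them mandatory at the call site.
        /// NOTE(review): the signature is MD5 over "parameters + secret". A keyed HMAC (for example
        /// HMAC-SHA256) is the usual construction, but it must be changed in the signer as well.
        /// </remarks>
        public static Dictionary<string, string> GetSecureParameters(string secureUrl, string signatureExt, string encryptPassword, int expireSeconds, out int errorCode)
        {
            string signatureValue = null;
            DateTime timestampValue = DateTime.MinValue;

            errorCode = 0;

            Dictionary<string, string> parameters = new Dictionary<string, string>();

            if (string.IsNullOrEmpty(secureUrl))
            {
                errorCode = 1; // invalid address
                return null;
            }

            // Keep everything after the FIRST '?'; a '?' may legally appear inside the query string and
            // an unbounded Split('?') would truncate the parameters at the second one.
            int queryStart = secureUrl.IndexOf('?');
            if (queryStart != -1)
            {
                secureUrl = secureUrl.Substring(queryStart + 1);
            }

            if (secureUrl.IndexOf('=') == -1)
            {
                secureUrl = string.Empty;
            }

            // Parameter names are protocol identifiers, so compare them ordinally. A culture-sensitive
            // comparison can fail to recognise a name under some server cultures (e.g. the Turkish
            // dotless i), which would let the signature parameter go unnoticed and unverified.
            if (secureUrl.IndexOf(SECUREURL_PARAMETER_NAME + "=", StringComparison.OrdinalIgnoreCase) != -1)
            {
                if (string.IsNullOrEmpty(encryptPassword))
                {
                    errorCode = 2; // key is empty
                    return null;
                }
                try
                {
                    foreach (string item in secureUrl.Split('&'))
                    {
                        string[] pair = item.Split('=');
                        // Same case-insensitive match as the detection above, so a differently cased
                        // name is decrypted instead of falling through with the whole query string.
                        if (pair.Length == 2 && SECUREURL_PARAMETER_NAME.Equals(pair[0], StringComparison.OrdinalIgnoreCase))
                        {
                            secureUrl = pair[1];
                            break;
                        }
                    }
                    // The '\0' stripping suggests the plaintext is zero-padded — TODO confirm in AESDecrypt.
                    secureUrl = Encoding.UTF8.GetString(
                        SecurityHelper.AESDecrypt(HttpServerUtility.UrlTokenDecode(secureUrl), encryptPassword)
                        ).Replace("\0", string.Empty);
                }
                catch (Exception)
                {
                    // Any decode or decrypt failure on attacker-supplied input is reported uniformly.
                    errorCode = 3; // decryption failed
                    return null;
                }
            }

            NameValueCollection nvp = WebUrlHelper.ParseQueryString(secureUrl);

            for (int i = 0; i < nvp.Count; i++)
            {
                string key = nvp.GetKey(i);
                if ("aspxautodetectcookiesupport".Equals(key, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                if (SECUREURL_SIGNATURE_NAME.Equals(key, StringComparison.OrdinalIgnoreCase))
                {
                    // The signature itself is excluded from the signed parameter set.
                    signatureValue = nvp.Get(i).ToUpperInvariant();
                    continue;
                }

                if (SECUREURL_TIMESTAMP_NAME.Equals(key, StringComparison.OrdinalIgnoreCase))
                {
                    // The tick count comes from the request; reject values DateTime cannot represent
                    // instead of letting the constructor throw ArgumentOutOfRangeException.
                    long ticks = nvp.Get(i).ToLong();
                    if (ticks < DateTime.MinValue.Ticks || ticks > DateTime.MaxValue.Ticks)
                    {
                        errorCode = 4; // timestamp expired
                        return null;
                    }

                    timestampValue = new DateTime(ticks);
                    // NOTE(review): compared with local time (DateTime.Now), so signer and verifier
                    // must share a time zone and DST changes shift the window; UTC would be safer but
                    // has to change on the signing side too.
                    if (Math.Abs((timestampValue - DateTime.Now).TotalSeconds) > expireSeconds)
                    {
                        errorCode = 4; // timestamp expired
                        return null;
                    }
                }

                // The timestamp stays in the parameter set and is therefore covered by the signature.
                parameters.Add(key, nvp.Get(i));
            }

            List<KeyValuePair<string, string>> orderedParameters = new List<KeyValuePair<string, string>>(parameters);

            // NOTE(review): CompareTo is culture-sensitive; kept as-is because the order must match
            // whatever the signing side uses. An ordinal sort on both sides would be deterministic.
            orderedParameters.Sort(delegate(KeyValuePair<string, string> a, KeyValuePair<string, string> b)
            {
                return a.Key.CompareTo(b.Key);
            });

            string paramNVP = orderedParameters.GetNvpString(false);

            string newSignature = null;
            if (paramNVP.Length > 0)
            {
                newSignature = SecurityHelper.MD5Encrypt(paramNVP + signatureExt).ToUpperInvariant();
            }

            if (signatureValue != null && !FixedTimeSignatureEquals(signatureValue, newSignature))
            {
                // Fail closed like every other error path: callers that only test the result for null
                // must not receive parameters whose signature did not verify.
                errorCode = 5; // signature invalid
                return null;
            }

            return parameters;
        }

        /// <summary>
        /// Compares two signature strings without exiting at the first differing character, so the
        /// comparison time does not reveal how much of a forged signature was correct.
        /// </summary>
        private static bool FixedTimeSignatureEquals(string supplied, string computed)
        {
            if (supplied == null || computed == null)
            {
                return false;
            }

            int diff = supplied.Length ^ computed.Length;
            for (int i = 0; i < supplied.Length && i < computed.Length; i++)
            {
                diff |= supplied[i] ^ computed[i];
            }

            return diff == 0;
        }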